/** * */ package com.product.admin.controller; import com.product.admin.config.SystemCode; import com.product.admin.service.RolesService; import com.product.admin.service.idel.IRolesService; import com.product.admin.util.ResultInfo; import com.product.core.config.CoreConst; import com.product.core.controller.support.AbstractBaseController; import com.product.core.dao.BaseDao; import com.product.core.entity.DataTableEntity; import com.product.core.entity.FieldSetEntity; import com.product.core.entity.RequestParameterEntity; import com.product.core.exception.BaseException; import com.product.core.permission.PermissionService; import com.product.core.spring.context.SpringMVCContextHolder; import com.product.module.sys.config.SystemErrorCode; import com.product.module.sys.entity.SystemUser; import com.product.module.sys.version.ApiVersion; import com.product.util.BaseUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.HttpServletRequest; /** * Copyright LX-BASE * * @Title: RolesController * @Project: LX-BASE-SERVER * @Date: 2020年6月4日 下午8:36:04 * @Author: 郑盟 * @Description: 权限管理 */ @RestController @RequestMapping("/api/role") public class RolesController extends AbstractBaseController { @Autowired private RolesService rolesService; @Autowired private BaseDao baseDao; /** * 数据权限验证 */ @Autowired PermissionService permissionService; /** * admin修改管理员的 功能权限关系列表 产品+模块+功能+按钮 * 单位管理员创建、修改管理员 * @return */ @RequestMapping(value = "/list-function_role/{version}", method = RequestMethod.POST) public String listFunctionRole(HttpServletRequest request) { try { FieldSetEntity fse = null; Object bean = request.getAttribute(CoreConst.API_POST_REQUEST_DATA); if (bean != null) { RequestParameterEntity reqp = (RequestParameterEntity) bean; fse = reqp.getFormData(); } String role_uuid = fse.getString("role_uuid"); DataTableEntity dt = rolesService.listFunctionRoleForClients(role_uuid, fse.getString("client_role_uuid"), true); return this.OK_List(dt); } catch (BaseException e) { SpringMVCContextHolder.getSystemLogger().error(e); return this.error(e.getCode(), e.getMessageInfo()); } catch (Exception e) { e.printStackTrace(); SpringMVCContextHolder.getSystemLogger().error(e); return error(SystemCode.SYSTEM_LIST_ROLE_FAIL.getValue(), SystemCode.SYSTEM_LIST_ROLE_FAIL.getText() + e.getMessage()); } } /** * 业务端 创建管理员的 功能权限关系列表 产品+模块+功能+按钮 * * @return */ @RequestMapping(value = "/list-function_role-clients/{version}", method = RequestMethod.POST) public String listFunctionRoleClients(HttpServletRequest request) { try { SystemUser currentUser = SpringMVCContextHolder.getCurrentUser(); String client_uuid = currentUser.getClientUuid(); if ("".equals(client_uuid) || null == client_uuid) { return error(SystemCode.SYSTEM_CLIENTSSELECT_FAIL.getValue(), SystemCode.SYSTEM_CLIENTSSELECT_FAIL.getText()); } FieldSetEntity clientFs = baseDao.getFieldSetEntity("product_sys_clients", client_uuid, false); if (null == clientFs || "".equals(clientFs.getString("role_uuid")) || null == clientFs.getString("role_uuid")) { return error(SystemCode.SYSTEM_CLIENTSSELECT_FAIL.getValue(), SystemCode.SYSTEM_CLIENTSSELECT_FAIL.getText()); } return ResultInfo.success(rolesService.listFunctionRole(0, null, 1)); } catch (BaseException e) { SpringMVCContextHolder.getSystemLogger().error(e); return this.error(e); } catch (Exception e) { e.printStackTrace(); SpringMVCContextHolder.getSystemLogger().error(e); return error(SystemCode.SYSTEM_CLIENTSSELECT_FAIL.getValue(), SystemCode.SYSTEM_CLIENTSSELECT_FAIL.getText() + e.getMessage()); } } /** * 查看角色详情 */ @RequestMapping(value = "/find-role/{version}", method = RequestMethod.POST) @ApiVersion(1) public String findRole(HttpServletRequest request) { try { FieldSetEntity fse = null; Object bean = request.getAttribute(CoreConst.API_POST_REQUEST_DATA); if (bean != null) { RequestParameterEntity reqp = (RequestParameterEntity) bean; fse = reqp.getFormData(); } //数据操作的权限验证,特殊条件------------ // if (!permissionService.validDataPermission(fse, clientDataOperPermission())) { // SpringMVCContextHolder.getSystemLogger().error(SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getValue(), // SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getText()); // return this.error(SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getValue(), // SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getText()); // } FieldSetEntity fs = rolesService.findRole(fse); return OK_List(fs); } catch (BaseException e) { SpringMVCContextHolder.getSystemLogger().error(e); return this.error(e); } catch (Exception e) { e.printStackTrace(); SpringMVCContextHolder.getSystemLogger().error(e); return error(SystemCode.SYSTEM_FIND_ROLE_FAIL.getValue(), SystemCode.SYSTEM_FIND_ROLE_FAIL.getText() + e.getMessage()); } } /** * 列表角色 */ @RequestMapping(value = "/list-role/{version}", method = RequestMethod.POST) @ApiVersion(1) public String listRole(HttpServletRequest request) { try { FieldSetEntity fse = null; Object bean = request.getAttribute(CoreConst.API_POST_REQUEST_DATA); if (bean != null) { RequestParameterEntity reqp = (RequestParameterEntity) bean; fse = reqp.getFormData(); } DataTableEntity dt = rolesService.listRole(fse); return OK_List(dt); } catch (BaseException e) { SpringMVCContextHolder.getSystemLogger().error(e); return this.error(e); } catch (Exception e) { e.printStackTrace(); SpringMVCContextHolder.getSystemLogger().error(e); return error(SystemCode.SYSTEM_LIST_ROLE_FAIL.getValue(), SystemCode.SYSTEM_LIST_ROLE_FAIL.getText() + e.getMessage()); } } /** * 新增功能权限 * * @return */ @RequestMapping(value = "/add-role/{version}", method = RequestMethod.POST) public String addRole(HttpServletRequest request) { try { FieldSetEntity fse = null; Object bean = request.getAttribute(CoreConst.API_POST_REQUEST_DATA); if (bean != null) { RequestParameterEntity reqp = (RequestParameterEntity) bean; fse = reqp.getFormData(); } IRolesService service = (IRolesService) getProxyInstance(rolesService); String addRole = service.addRole(fse); rolesService.systemMenusService.refreshMenuByRole(fse.getUUID()); return addRole != null ? OK_Add(addRole) : error(SystemCode.SYSTEM_ADD_ROLE_FAIL.getValue(), SystemCode.SYSTEM_ADD_ROLE_FAIL.getText()); } catch (BaseException e) { SpringMVCContextHolder.getSystemLogger().error(e); return this.error(e); } catch (Exception e) { e.printStackTrace(); SpringMVCContextHolder.getSystemLogger().error(e); return error(SystemCode.SYSTEM_ADD_ROLE_FAIL.getValue(), SystemCode.SYSTEM_ADD_ROLE_FAIL.getText() + e.getMessage()); } finally { BaseUtil.setTimeout(() -> rolesService.updateRoleCache(), 3000); } } /** * 修改功能权限 * * @return */ @RequestMapping(value = "/update-role/{version}", method = RequestMethod.POST) public String updateRole(HttpServletRequest request) { try { FieldSetEntity fse = null; Object bean = request.getAttribute(CoreConst.API_POST_REQUEST_DATA); if (bean != null) { RequestParameterEntity reqp = (RequestParameterEntity) bean; fse = reqp.getFormData(); } //数据操作的权限验证,特殊条件------------ if (!permissionService.validDataPermission(fse, clientDataOperPermission())) { SpringMVCContextHolder.getSystemLogger().error(SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getValue(), SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getText()); return this.error(SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getValue(), SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getText()); } IRolesService service = (IRolesService) getProxyInstance(rolesService); boolean updateRole = service.updateRole(fse); return updateRole ? OK() : error(SystemCode.SYSTEM_UPDATE_ROLE_FAIL.getValue(), SystemCode.SYSTEM_UPDATE_ROLE_FAIL.getText()); } catch (BaseException e) { SpringMVCContextHolder.getSystemLogger().error(e); return this.error(e); } catch (Exception e) { e.printStackTrace(); SpringMVCContextHolder.getSystemLogger().error(e); return error(SystemCode.SYSTEM_UPDATE_ROLE_FAIL.getValue(), SystemCode.SYSTEM_UPDATE_ROLE_FAIL.getText() + e.getMessage()); } finally { BaseUtil.setTimeout(() -> rolesService.updateRoleCache(), 3000); } } /** * 删除功能权限 * * @return */ @RequestMapping(value = "/delect-role/{version}", method = RequestMethod.POST) public String delectRole(HttpServletRequest request) { try { FieldSetEntity fse = null; Object bean = request.getAttribute(CoreConst.API_POST_REQUEST_DATA); if (bean != null) { RequestParameterEntity reqp = (RequestParameterEntity) bean; fse = reqp.getFormData(); } String uuid = fse.getString("uuid"); //数据操作的权限验证,特殊条件------------ if (!permissionService.validDataPermission(fse, clientDataOperPermission())) { SpringMVCContextHolder.getSystemLogger().error(SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getValue(), SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getText()); return this.error(SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getValue(), SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getText()); } if (uuid == null || "".equals(uuid)) { return error(SystemCode.SYSTEM_DELECT_ROLE_FAIL.getValue(), SystemCode.SYSTEM_DELECT_ROLE_FAIL.getText()); } IRolesService service = (IRolesService) getProxyInstance(rolesService); boolean delectRole = service.delectRole(uuid); return delectRole ? OK() : error(SystemCode.SYSTEM_DELECT_ROLE_FAIL.getValue(), SystemCode.SYSTEM_DELECT_ROLE_FAIL.getText()); } catch (BaseException e) { SpringMVCContextHolder.getSystemLogger().error(e); return this.error(e); } catch (Exception e) { e.printStackTrace(); SpringMVCContextHolder.getSystemLogger().error(e); return error(SystemCode.SYSTEM_DELECT_ROLE_FAIL.getValue(), SystemCode.SYSTEM_DELECT_ROLE_FAIL.getText() + e.getMessage()); } } private String clientDataOperPermission() { SystemUser currentUser = SpringMVCContextHolder.getCurrentUser(); // 判断是否为管理员 用管理员所管理的客户uuid进行特殊过滤 if (currentUser != null && currentUser.isManager()) { if (currentUser.getUserType() == 3) { // 隐藏管理类型 return "org_level_uuid in (SELECT uuid FROM product_sys_org_levels WHERE \r\n" + "client_uuid in ('" + currentUser.getClientUuid().replace(",", "','") + "'))"; } else if (currentUser.getUserType() == 1 || currentUser.getUserType() == 2) { // 超级管理员删自己 return " org_level_uuid ='" + currentUser.getOrg_level_uuid() + "'"; } } else { throw new BaseException(SystemCode.SYSTEM_FORM_COUNT.getValue(), SystemCode.SYSTEM_FORM_COUNT.getText(), this.getClass(), "private String systemVersionOperPermission"); } throw new BaseException(SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getValue(), SystemErrorCode.SYSTEM_NOT_OPER_PERMISSION.getText(), this.getClass(), "private String systemVersionOperPermission"); } }